What is claimed is: 



1. An integrated security gateway apparatus interfacing 
with an internal network and an external network for 
5 blocking a selected packet from the internal network or 
external network, comprising: 

a packet duplicating module for receiving and 
duplicating an incoming packet from one of the internal and 
external networks; 
10 a black zone server coupled to the packet duplicating 

module for analyzing the duplicated packet; and 

an inspection engine coupled to the packet duplicating 
module and the block zone server for inspecting whether the 
received incoming packet corresponds to said selected packet 
15 to be blocked based on the analysis in the block zone server, 

wherein said black zone server serves as at least one 
of an intrusion detection system, an ant i -virus system and a 
noxious site blocking system. 

20 2. The apparatus of claim 1, wherein the external network 
is the Internet. 

3. The apparatus of claim 1, wherein said internal 
network is a local area network. 
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4. The apparatus of claim 1, further comprising 

encrypting/decrypting means for encrypting the received 
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incoming packet if said received packet is from the internal 
network to the external network and decrypting otherwise. 



5. The apparatus of claim 4, wherein said 
5 encrypting/decrypting means uses different keys depending on 

the source and the destination of the received packet. 

6. A networking system consisting of at least one 
internal network and an external network, comprising: 

10 an integrated security gateway interfacing with said 

at least one internal network and said external network for 
receiving and duplicating an incoming packet from one of the 
internal and external networks; and 

a black zone server coupled to the integrated security 
15 gateway for analyzing the duplicating packet, 

said integrated security gateway inspecting whether 
the received incoming packet is to be denied based on the 
analysis in the black zone server. 

20 7. The system of claim 6, wherein the external network is 
the Internet . 

8. The system of claim 6, wherein said internal network 
is a local area network. 
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9. The system of claim 6, wherein said integrated 
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security gateway encrypts the received packet if said 
received packet is from the internal network to the external 
network and decrypts otherwise. 

10. The system of claim 9, wherein said integrated 
security gateway uses different keys depending on the source 
and the destination of the received packet. 



